ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Small Business Server 2003 to 2012 R2 Migration and Virtualized Domain Controller Questions

    Scheduled Pinned Locked Moved IT Discussion
    windowswindows serversbswindows server 201small business seractive directorydomain controller
    321 Posts 12 Posters 100.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • garak0410G
      garak0410
      last edited by

      Will BRB...got a heavily used printer down.

      1 Reply Last reply Reply Quote 0
      • garak0410G
        garak0410
        last edited by

        OK, the paths looked good, so hitting next (masking out my actual domain and PC names)

        Review Options show this:

        Configure this server as an additional Active Directory domain controller for the domain "mydomain.local".

        Site Name: Default-First-Site-Name

        Additional Options:

        Read-only domain controller: No

        Global catalog: Yes

        DNS Server: Yes

        Update DNS Delegation: No

        Source DC: domainPC.mydomain.local

        Database folder: C:\Windows\NTDS

        Log file folder: C:\Windows\NTDS

        SYSVOL folder: C:\Windows\SYSVOL

        The DNS Server service will be configured on this computer.

        This computer will be configured to use this DNS server as its preferred DNS server.

        So, looking good here to continue to proceed?

        1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller
          last edited by

          Looks good to me.

          DashrenderD 1 Reply Last reply Reply Quote 0
          • DashrenderD
            Dashrender @scottalanmiller
            last edited by

            @scottalanmiller said:

            Looks good to me.

            agreed, just like mine did.

            1 Reply Last reply Reply Quote 0
            • garak0410G
              garak0410
              last edited by

              Ready to click FINISH

              First part of results not in screen shot:

              Windows Server 2012 R2 domain controllers have a default for the security setting named "Allow cryptography algorithms compatible with Windows NT 4.0" that prevents weaker cryptography algorithms when establishing security channel sessions.

              For more information about this setting, see Knowledge Base article 942564 (http://go.microsoft.com/fwlink/?LinkId=104751).

              preCheck.jpg

              1 Reply Last reply Reply Quote 0
              • DashrenderD
                Dashrender
                last edited by Dashrender

                As long as you don't have any NT servers or workstations connecting you should be good.

                I was concerned that maybe my XP machines might have an issue, but there hasn't been one!

                Click install.

                FYI, you might want to edit your photo, your domain name is listed there.

                garak0410G 1 Reply Last reply Reply Quote 1
                • garak0410G
                  garak0410 @Dashrender
                  last edited by

                  @Dashrender said:

                  As long as you don't have any NT servers or workstations connecting you should be good.

                  I was concerned that maybe my XP machines might have an issue, but there hasn't been one!

                  Click install.

                  Clicking on INSTALL. I will not be demoting the old one until Friday evening...

                  1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller
                    last edited by

                    Why demote so soon? I would wait a bit longer than that.

                    1 Reply Last reply Reply Quote 0
                    • DashrenderD
                      Dashrender
                      last edited by

                      You have at least 15 days if not longer before this server will start shutting down on it's own. Give yourself plenty of time to make sure all things work.

                      Did you setup DHCP for the client computers?

                      scottalanmillerS 1 Reply Last reply Reply Quote 0
                      • Bill KindleB
                        Bill Kindle
                        last edited by

                        Definitely wait a little while. My rule of thumb is no less than a week, even in really small environments. Gives me enough time to verify that there are no replication issues going on.

                        Garak is giving me some 70-410 practice over on another forum 🙂

                        1 Reply Last reply Reply Quote 0
                        • garak0410G
                          garak0410
                          last edited by

                          It's looking good y'all! I'm gonna buy everyone pizza or coffee when this is done!

                          The next step on my list is this:

                          •Transfer FSMO Roles to new Server 2012 R2 Domain Controller
                          â—¾Transfer all 5 or one at a time and start demoting your old Server 2003 DC's in the next step. But the key to remember is to NOT demote any of the current domain controllers that have any of your FSMO roles on them. Be sure to transfer them off first before proceeding to DC demotion.
                          â—¾http://blogs.technet.com/b/canitpro/archive/2013/05/27/step-by-step-active-directory-migration-from-windows-server-2003-to-windows-server-2012.aspx

                          Stick with this?

                          1 Reply Last reply Reply Quote 0
                          • scottalanmillerS
                            scottalanmiller @Dashrender
                            last edited by

                            @Dashrender said:

                            You have at least 15 days if not longer before this server will start shutting down on it's own. Give yourself plenty of time to make sure all things work.

                            90 days I think. Need to look that up.

                            1 Reply Last reply Reply Quote 0
                            • scottalanmillerS
                              scottalanmiller
                              last edited by

                              And the timer doesn't start when this one is added. It starts when the FSMO roles are moved.

                              1 Reply Last reply Reply Quote 1
                              • garak0410G
                                garak0410
                                last edited by

                                OK, so what is really recommended next? Run off both DC's for a good while? Since my old DC was my file server as well, I am wanting to get that moved. So perhaps move on to that this Friday evening. That is where the DHCP may come into play. And changing some of our messy VBA apps code to point to new file server.

                                1 Reply Last reply Reply Quote 0
                                • garak0410G
                                  garak0410
                                  last edited by

                                  Most people have said just ROBOCOPY the files from the old file server (in this case, SBS 2003) to the new one (2012 R2 Virtual Machine) and it will keep the permissions intact and echo the different server name...correct?

                                  NetworkNerdN scottalanmillerS IRJI 4 Replies Last reply Reply Quote 0
                                  • NetworkNerdN
                                    NetworkNerd @garak0410
                                    last edited by

                                    @garak0410 said:

                                    Most people have said just ROBOCOPY the files from the old file server (in this case, SBS 2003) to the new one (2012 R2 Virtual Machine) and it will keep the permissions intact and echo the different server name...correct?

                                    Something like this should suffice: robocopy /mir /sec /secfix "source" "destination"

                                    garak0410G 1 Reply Last reply Reply Quote 0
                                    • scottalanmillerS
                                      scottalanmiller @garak0410
                                      last edited by

                                      @garak0410 said:

                                      Most people have said just ROBOCOPY the files from the old file server (in this case, SBS 2003) to the new one (2012 R2 Virtual Machine) and it will keep the permissions intact and echo the different server name...correct?

                                      It will keep permissions.

                                      What do you mean by echoing a server name?

                                      1 Reply Last reply Reply Quote 0
                                      • IRJI
                                        IRJ @garak0410
                                        last edited by

                                        @garak0410 said:

                                        Most people have said just ROBOCOPY the files from the old file server (in this case, SBS 2003) to the new one (2012 R2 Virtual Machine) and it will keep the permissions intact and echo the different server name...correct?

                                        I am running a robocopy from an old file server to a new one right now. I have been slowly robycopying everything over to the new server. Yes it will keep all the permissions.

                                        1 Reply Last reply Reply Quote 0
                                        • IRJI
                                          IRJ @garak0410
                                          last edited by

                                          @garak0410 said:

                                          Most people have said just ROBOCOPY the files from the old file server (in this case, SBS 2003) to the new one (2012 R2 Virtual Machine) and it will keep the permissions intact and echo the different server name...correct?

                                          After you decommission the old server, just create a DNS forwarder. That will forward all requests for the Old Server name to the New Server Name

                                          scottalanmillerS 1 Reply Last reply Reply Quote 0
                                          • scottalanmillerS
                                            scottalanmiller @IRJ
                                            last edited by

                                            @IRJ said:

                                            @garak0410 said:

                                            Most people have said just ROBOCOPY the files from the old file server (in this case, SBS 2003) to the new one (2012 R2 Virtual Machine) and it will keep the permissions intact and echo the different server name...correct?

                                            After you decommission the old server, just create a DNS forwarder. That will forward all requests for the Old Server name to the New Server Name

                                            CNAME (alias) he means.

                                            IRJI 1 Reply Last reply Reply Quote 1
                                            • 1
                                            • 2
                                            • 9
                                            • 10
                                            • 11
                                            • 12
                                            • 13
                                            • 16
                                            • 17
                                            • 11 / 17
                                            • First post
                                              Last post